Analysis

  • max time kernel
    41s
  • max time network
    135s
  • platform
    windows10_x64
  • resource
    win10v20201028
  • submitted
    01/04/2021, 20:47

General

  • Target

    ravidhtirad.bin.exe

  • Size

    9.2MB

  • MD5

    938770e6e69e6feadb1b9f63af9969f4

  • SHA1

    4a4f4aac7bd4212762bb26b1bda882d44c7956a8

  • SHA256

    bbea096ceb3c94454a5b92e5f614f107bd98df0b9d2f7022574256d0614f35c8

  • SHA512

    383d8381409fdcfaf9632473c3a40f20d887326f452823ca754780c8bbd1879c42dd0d3574dc833a2f98f6e5adfe5c31786654a7252e4ad39770d164feb957dc

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ravidhtirad.bin.exe
    "C:\Users\Admin\AppData\Local\Temp\ravidhtirad.bin.exe"
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1204

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1204-2-0x00007FFB56140000-0x00007FFB56AE0000-memory.dmp

    Filesize

    9.6MB

  • memory/1204-3-0x00000000032F0000-0x00000000032F2000-memory.dmp

    Filesize

    8KB

  • memory/1204-4-0x00000000032F2000-0x00000000032F4000-memory.dmp

    Filesize

    8KB